Social media — the missing piece in a cybersecurity puzzle
When asked about why cybercriminals target passwords, most people typically think of common motives like stealing sensitive data, hijacking accounts for ransom, or infecting systems with malware to disrupt operations. But in an exclusive interview for NordPass, Dennis-Kenji Kipker, a Professor of IT Security Law and Research Director at cyberintelligence.institute, brought to light a sometimes overlooked aspect — that some attackers may steal credentials just to get access to a company’s social media platforms and wreak havoc. He said:
"As an attacker, I could also try to attack the whole social media system of a company and have the company’s communications under control. [...] Data, if disclosed, could cause very considerable damage not only to the company as an abstract legal entity, but also to all people involved in business relationships with that company and, of course, the employees."
Dennis-Kenji Kipker
Professor of IT Security Law and Research Director at cyberintelligence.institute
Simply put, Professor Kipker points out that mishandling passwords for social media accounts can lead to more than just losing access. It can also result in losing the trust of partners and customers, which can then lead to financial losses. How do we know things like these could happen? Because similar incidents have occurred in the past.
Real-life examples of huge social media takeovers
A major corporation stuns everyone by announcing its acquisition by a primary rival; a government agency spreads fake news causing chaos in the cryptocurrency market; a renowned music label reports the passing of one of its top artists — these are not plot ideas for the next season of Black Mirror. They are real instances where false information was shared through the official social media channels of popular organizations, leading many people to believe it was true.
That’s right. The first situation refers to the 2013 Twitter hack of Burger King, where cybercriminals seized control of the company’s Twitter account to spread false news alleging that Burger King had been acquired by McDonald's. The second incident occurred in 2024 and involved the Twitter hack of the Securities and Exchange Commission (SEC). In this case, cyber attackers exploited the SEC's account to falsely announce the approval of spot-Bitcoin exchange-traded funds, leading to a significant surge in Bitcoin's price. The third example pertains to the 2016 incident involving the hacking of Sony Music's Twitter account, during which cyber attackers circulated a hoax about the death of the pop star Britney Spears.
While not officially confirmed, it's widely suspected that these social media takeovers stemmed from compromised passwords or actions leading to password breaches, such as phishing or malware. As expected, each incident damaged the affected company's reputation, occasionally resulting in significant consequences and, at other times, causing less severe repercussions.
Of course, as you can imagine, these are but three out of hundreds, if not thousands, of similar cases. This raises the question: why did these events occur in the first place?
Why do social media takeovers happen?
The first reason, as hinted earlier in this article, is that businesses often overlook the security of their social media accounts. While they focus on protecting their internal systems from malware and other threats, they sometimes neglect the security of their social media presence.
Another factor may be businesses' tendency to prioritize their core operations over social media security, assuming these platforms are inherently safe and require no additional steps to safeguard against potential risks.
The next critical aspect is when organizations overlook the necessity of removing access to social media accounts when employees leave their positions. This creates a dual risk: first, if ex-employees are dissatisfied, they can post damaging content, harming the company's reputation. Second, inactive accounts can become targets for hackers, who can use them as gateways to take over the company's social media channels.
Then, there's the issue with passwords. At NordPass, we use the phrase, "For almost every task at work, there’s a password." This rings true as most business operations necessitate the use of password-protected accounts. However, as highlighted in our Top 200 Most Common Passwords report, many individuals — regardless of their job title or position within the company — use weak passwords that can be easily cracked. Moreover, many employees use the same password across multiple accounts and services, amplifying the risk of a breach.
We also need to touch upon the irresponsible sharing of passwords among company members, often done through chat, email, or… written notes (yikes!). If some business leaders were to inquire about how their staff members share passwords for company social media accounts like LinkedIn, Instagram, or Facebook, they might be alarmed by the lack of security practices in place.
Of course, losing access to company social media accounts can also happen due to phishing, malware attacks, or other cyber intrusions targeting unsuspecting employees. However, ensuring passwords are strong and securely managed at all times decreases the chances of falling victim to such cyber threats, thus protecting the integrity and security of company social media accounts.
What if your company’s social media gets hacked?
Although it's not overly challenging to imagine the outcomes of a social media takeover, being informed about the potential consequences can provide stronger motivation for us all to take action.
First and foremost, a social media takeover can lead to severe reputational damage. Malicious actors have the power to tarnish an organization's reputation by posting damaging content or spreading false rumors. This could result in the loss of key business partners and clients. Even when it's clear that the content in question is the work of cybercriminals, rebuilding relationships with partners and customers can be more challenging than expected.
Another major risk, closely tied to reputational harm, is financial loss. When cybercriminals hijack a company's social media channels and spread false information, it can cause existing customers to turn away and deter potential customers from engaging with the brand. As a result, the company may experience a significant decline in sales revenue and face heightened difficulty in securing investments or loans. On top of that, the time and resources required to address the aftermath of a social media takeover can impede the company's focus on growth.
A hostile social media takeover can also result in a loss of privacy for the company's members. In other words, it opens the door to personal information being exposed or misused, potentially resulting in identity theft or attempts to exploit someone's private image. Repairing such damage could require years of effort and resources beyond what the company initially anticipated.
Yes, social media takeovers can be prevented
Let's shift our focus away from the reasons for and dangers of social media takeovers and concentrate on solutions to the problem at hand, of which there are a couple.
To effectively prevent social media takeovers, a company must first recognize the threat. As highlighted earlier, many individuals may not even realize that cybercriminals target passwords to seize control of business social media channels. Therefore, the first step is to raise awareness across the organization and establish clear guidelines for accessing and sharing social media platform credentials among company members. This includes determining who can access the credentials, specifying who they can be shared with, and deciding what actions to take when a social media manager or anyone with access to company social media leaves the organization.
Step two involves utilizing today's available technology to allow employees to securely handle the company's social media account credentials. This can be achieved by adopting a robust password manager like NordPass. How so?
How NordPass can help your company in this regard
First, NordPass is an easy-to-use yet technologically advanced password manager that allows organization members to securely store, manage, and share passwords, passkeys, credit card details, and other sensitive information.
Beyond that, NordPass is a cybersecurity tool that allows you to monitor access to your company resources, including social media channels. Plus, it enables you to quickly identify weak, old, and re-used passwords in your company, and check whether company credentials have been compromised in a breach.
As a result, NordPass can be a valuable tool for organizations looking to protect their social media accounts from misuse by outsiders — all while enhancing performance and efficiency.